| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025123057-CVE-2023-54260-cc1d@gregkh> Date: Tue, 30 Dec 2025 13:20:26 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-54260: cifs: Fix lost destroy smbd connection when MR allocate failed From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbd_destroy() will directly return, then the connection info will be leaked. Let's set the smb direct connection info to the server before call smbd_destroy(). The Linux kernel CVE team has assigned CVE-2023-54260 to this issue. Affected and fixed versions =========================== Issue introduced in 4.16 with commit c7398583340a6d82b8bb7f7f21edcde27dc6a898 and fixed in 4.19.276 with commit d303e25887127364a6765eaf7ac68aa2bac518a9 Issue introduced in 4.16 with commit c7398583340a6d82b8bb7f7f21edcde27dc6a898 and fixed in 5.4.235 with commit 324c0c34fff1affd436e509325cb46739209704e Issue introduced in 4.16 with commit c7398583340a6d82b8bb7f7f21edcde27dc6a898 and fixed in 5.10.173 with commit caac205e0d5b44c4c23a10c6c0976d50ebe16ac2 Issue introduced in 4.16 with commit c7398583340a6d82b8bb7f7f21edcde27dc6a898 and fixed in 5.15.99 with commit 46cd6c639cddba2bd2d810ceb16bb20374ad75b0 Issue introduced in 4.16 with commit c7398583340a6d82b8bb7f7f21edcde27dc6a898 and fixed in 6.1.16 with commit c51ae01104b318bf15f3c5097faba5c72addba7a Issue introduced in 4.16 with commit c7398583340a6d82b8bb7f7f21edcde27dc6a898 and fixed in 6.2.3 with commit 04b7e13b8a13264282f874db5378fc3d3253cfac Issue introduced in 4.16 with commit c7398583340a6d82b8bb7f7f21edcde27dc6a898 and fixed in 6.3 with commit e9d3401d95d62a9531082cd2453ed42f2740e3fd Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-54260 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/cifs/smbdirect.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/d303e25887127364a6765eaf7ac68aa2bac518a9 https://git.kernel.org/stable/c/324c0c34fff1affd436e509325cb46739209704e https://git.kernel.org/stable/c/caac205e0d5b44c4c23a10c6c0976d50ebe16ac2 https://git.kernel.org/stable/c/46cd6c639cddba2bd2d810ceb16bb20374ad75b0 https://git.kernel.org/stable/c/c51ae01104b318bf15f3c5097faba5c72addba7a https://git.kernel.org/stable/c/04b7e13b8a13264282f874db5378fc3d3253cfac https://git.kernel.org/stable/c/e9d3401d95d62a9531082cd2453ed42f2740e3fd
Powered by blists - more mailing lists